Gitiles
Code Review Sign In
gerrit.openfyde.cn / github.com / raspberrypi / raspberrypi-kernel / 2aee09d8c1164219971c7b396f2235bd5334018c / . / mm / hmm.c
blob: 290c872062a144260ea67681e7e7763ba112180a [file] [log] [blame]
Jérôme Glisse133ff0e2017-09-08 16:11:23 -0700[diff] [blame]1/*
2 * Copyright 2013 Red Hat Inc.
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * Authors: Jérôme Glisse <jglisse@redhat.com>
15 */
16/*
17 * Refer to include/linux/hmm.h for information about heterogeneous memory
18 * management or HMM for short.
19 */
20#include <linux/mm.h>
21#include <linux/hmm.h>
Jérôme Glisse858b54d2017-09-08 16:12:02 -0700[diff] [blame]22#include <linux/init.h>
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]23#include <linux/rmap.h>
24#include <linux/swap.h>
Jérôme Glisse133ff0e2017-09-08 16:11:23 -0700[diff] [blame]25#include <linux/slab.h>
26#include <linux/sched.h>
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]27#include <linux/mmzone.h>
28#include <linux/pagemap.h>
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]29#include <linux/swapops.h>
30#include <linux/hugetlb.h>
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]31#include <linux/memremap.h>
Jérôme Glisse7b2d55d22017-09-08 16:11:46 -0700[diff] [blame]32#include <linux/jump_label.h>
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]33#include <linux/mmu_notifier.h>
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]34#include <linux/memory_hotplug.h>
35
36#define PA_SECTION_SIZE (1UL << PA_SECTION_SHIFT)
Jérôme Glisse133ff0e2017-09-08 16:11:23 -0700[diff] [blame]37
Jérôme Glisse6b368cd2017-09-08 16:12:32 -0700[diff] [blame]38#if defined(CONFIG_DEVICE_PRIVATE) || defined(CONFIG_DEVICE_PUBLIC)
Jérôme Glisse7b2d55d22017-09-08 16:11:46 -0700[diff] [blame]39/*
40 * Device private memory see HMM (Documentation/vm/hmm.txt) or hmm.h
41 */
42DEFINE_STATIC_KEY_FALSE(device_private_key);
43EXPORT_SYMBOL(device_private_key);
Jérôme Glisse6b368cd2017-09-08 16:12:32 -0700[diff] [blame]44#endif /* CONFIG_DEVICE_PRIVATE || CONFIG_DEVICE_PUBLIC */
Jérôme Glisse7b2d55d22017-09-08 16:11:46 -0700[diff] [blame]45
46
Jérôme Glisse6b368cd2017-09-08 16:12:32 -0700[diff] [blame]47#if IS_ENABLED(CONFIG_HMM_MIRROR)
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]48static const struct mmu_notifier_ops hmm_mmu_notifier_ops;
49
Jérôme Glisse133ff0e2017-09-08 16:11:23 -0700[diff] [blame]50/*
51 * struct hmm - HMM per mm struct
52 *
53 * @mm: mm struct this HMM struct is bound to
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]54 * @lock: lock protecting ranges list
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]55 * @sequence: we track updates to the CPU page table with a sequence number
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]56 * @ranges: list of range being snapshotted
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]57 * @mirrors: list of mirrors for this mm
58 * @mmu_notifier: mmu notifier to track updates to CPU page table
59 * @mirrors_sem: read/write semaphore protecting the mirrors list
Jérôme Glisse133ff0e2017-09-08 16:11:23 -0700[diff] [blame]60 */
61struct hmm {
62 struct mm_struct *mm;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]63 spinlock_t lock;
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]64 atomic_t sequence;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]65 struct list_head ranges;
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]66 struct list_head mirrors;
67 struct mmu_notifier mmu_notifier;
68 struct rw_semaphore mirrors_sem;
Jérôme Glisse133ff0e2017-09-08 16:11:23 -0700[diff] [blame]69};
70
71/*
72 * hmm_register - register HMM against an mm (HMM internal)
73 *
74 * @mm: mm struct to attach to
75 *
76 * This is not intended to be used directly by device drivers. It allocates an
77 * HMM struct if mm does not have one, and initializes it.
78 */
79static struct hmm *hmm_register(struct mm_struct *mm)
80{
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]81 struct hmm *hmm = READ_ONCE(mm->hmm);
82 bool cleanup = false;
Jérôme Glisse133ff0e2017-09-08 16:11:23 -0700[diff] [blame]83
84 /*
85 * The hmm struct can only be freed once the mm_struct goes away,
86 * hence we should always have pre-allocated an new hmm struct
87 * above.
88 */
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]89 if (hmm)
90 return hmm;
91
92 hmm = kmalloc(sizeof(*hmm), GFP_KERNEL);
93 if (!hmm)
94 return NULL;
95 INIT_LIST_HEAD(&hmm->mirrors);
96 init_rwsem(&hmm->mirrors_sem);
97 atomic_set(&hmm->sequence, 0);
98 hmm->mmu_notifier.ops = NULL;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]99 INIT_LIST_HEAD(&hmm->ranges);
100 spin_lock_init(&hmm->lock);
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]101 hmm->mm = mm;
102
103 /*
104 * We should only get here if hold the mmap_sem in write mode ie on
105 * registration of first mirror through hmm_mirror_register()
106 */
107 hmm->mmu_notifier.ops = &hmm_mmu_notifier_ops;
108 if (__mmu_notifier_register(&hmm->mmu_notifier, mm)) {
109 kfree(hmm);
110 return NULL;
111 }
112
113 spin_lock(&mm->page_table_lock);
114 if (!mm->hmm)
115 mm->hmm = hmm;
116 else
117 cleanup = true;
118 spin_unlock(&mm->page_table_lock);
119
120 if (cleanup) {
121 mmu_notifier_unregister(&hmm->mmu_notifier, mm);
122 kfree(hmm);
123 }
124
Jérôme Glisse133ff0e2017-09-08 16:11:23 -0700[diff] [blame]125 return mm->hmm;
126}
127
128void hmm_mm_destroy(struct mm_struct *mm)
129{
130 kfree(mm->hmm);
131}
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]132
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]133static void hmm_invalidate_range(struct hmm *hmm,
134 enum hmm_update_type action,
135 unsigned long start,
136 unsigned long end)
137{
138 struct hmm_mirror *mirror;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]139 struct hmm_range *range;
140
141 spin_lock(&hmm->lock);
142 list_for_each_entry(range, &hmm->ranges, list) {
143 unsigned long addr, idx, npages;
144
145 if (end < range->start || start >= range->end)
146 continue;
147
148 range->valid = false;
149 addr = max(start, range->start);
150 idx = (addr - range->start) >> PAGE_SHIFT;
151 npages = (min(range->end, end) - addr) >> PAGE_SHIFT;
152 memset(&range->pfns[idx], 0, sizeof(*range->pfns) * npages);
153 }
154 spin_unlock(&hmm->lock);
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]155
156 down_read(&hmm->mirrors_sem);
157 list_for_each_entry(mirror, &hmm->mirrors, list)
158 mirror->ops->sync_cpu_device_pagetables(mirror, action,
159 start, end);
160 up_read(&hmm->mirrors_sem);
161}
162
Ralph Campbelle1401512018-04-10 16:28:19 -0700[diff] [blame]163static void hmm_release(struct mmu_notifier *mn, struct mm_struct *mm)
164{
165 struct hmm_mirror *mirror;
166 struct hmm *hmm = mm->hmm;
167
168 down_write(&hmm->mirrors_sem);
169 mirror = list_first_entry_or_null(&hmm->mirrors, struct hmm_mirror,
170 list);
171 while (mirror) {
172 list_del_init(&mirror->list);
173 if (mirror->ops->release) {
174 /*
175 * Drop mirrors_sem so callback can wait on any pending
176 * work that might itself trigger mmu_notifier callback
177 * and thus would deadlock with us.
178 */
179 up_write(&hmm->mirrors_sem);
180 mirror->ops->release(mirror);
181 down_write(&hmm->mirrors_sem);
182 }
183 mirror = list_first_entry_or_null(&hmm->mirrors,
184 struct hmm_mirror, list);
185 }
186 up_write(&hmm->mirrors_sem);
187}
188
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]189static void hmm_invalidate_range_start(struct mmu_notifier *mn,
190 struct mm_struct *mm,
191 unsigned long start,
192 unsigned long end)
193{
194 struct hmm *hmm = mm->hmm;
195
196 VM_BUG_ON(!hmm);
197
198 atomic_inc(&hmm->sequence);
199}
200
201static void hmm_invalidate_range_end(struct mmu_notifier *mn,
202 struct mm_struct *mm,
203 unsigned long start,
204 unsigned long end)
205{
206 struct hmm *hmm = mm->hmm;
207
208 VM_BUG_ON(!hmm);
209
210 hmm_invalidate_range(mm->hmm, HMM_UPDATE_INVALIDATE, start, end);
211}
212
213static const struct mmu_notifier_ops hmm_mmu_notifier_ops = {
Ralph Campbelle1401512018-04-10 16:28:19 -0700[diff] [blame]214 .release = hmm_release,
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]215 .invalidate_range_start = hmm_invalidate_range_start,
216 .invalidate_range_end = hmm_invalidate_range_end,
217};
218
219/*
220 * hmm_mirror_register() - register a mirror against an mm
221 *
222 * @mirror: new mirror struct to register
223 * @mm: mm to register against
224 *
225 * To start mirroring a process address space, the device driver must register
226 * an HMM mirror struct.
227 *
228 * THE mm->mmap_sem MUST BE HELD IN WRITE MODE !
229 */
230int hmm_mirror_register(struct hmm_mirror *mirror, struct mm_struct *mm)
231{
232 /* Sanity check */
233 if (!mm || !mirror || !mirror->ops)
234 return -EINVAL;
235
Jérôme Glissec01cbba2018-04-10 16:28:23 -0700[diff] [blame]236again:
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]237 mirror->hmm = hmm_register(mm);
238 if (!mirror->hmm)
239 return -ENOMEM;
240
241 down_write(&mirror->hmm->mirrors_sem);
Jérôme Glissec01cbba2018-04-10 16:28:23 -0700[diff] [blame]242 if (mirror->hmm->mm == NULL) {
243 /*
244 * A racing hmm_mirror_unregister() is about to destroy the hmm
245 * struct. Try again to allocate a new one.
246 */
247 up_write(&mirror->hmm->mirrors_sem);
248 mirror->hmm = NULL;
249 goto again;
250 } else {
251 list_add(&mirror->list, &mirror->hmm->mirrors);
252 up_write(&mirror->hmm->mirrors_sem);
253 }
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]254
255 return 0;
256}
257EXPORT_SYMBOL(hmm_mirror_register);
258
259/*
260 * hmm_mirror_unregister() - unregister a mirror
261 *
262 * @mirror: new mirror struct to register
263 *
264 * Stop mirroring a process address space, and cleanup.
265 */
266void hmm_mirror_unregister(struct hmm_mirror *mirror)
267{
Jérôme Glissec01cbba2018-04-10 16:28:23 -0700[diff] [blame]268 bool should_unregister = false;
269 struct mm_struct *mm;
270 struct hmm *hmm;
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]271
Jérôme Glissec01cbba2018-04-10 16:28:23 -0700[diff] [blame]272 if (mirror->hmm == NULL)
273 return;
274
275 hmm = mirror->hmm;
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]276 down_write(&hmm->mirrors_sem);
Ralph Campbelle1401512018-04-10 16:28:19 -0700[diff] [blame]277 list_del_init(&mirror->list);
Jérôme Glissec01cbba2018-04-10 16:28:23 -0700[diff] [blame]278 should_unregister = list_empty(&hmm->mirrors);
279 mirror->hmm = NULL;
280 mm = hmm->mm;
281 hmm->mm = NULL;
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]282 up_write(&hmm->mirrors_sem);
Jérôme Glissec01cbba2018-04-10 16:28:23 -0700[diff] [blame]283
284 if (!should_unregister || mm == NULL)
285 return;
286
287 spin_lock(&mm->page_table_lock);
288 if (mm->hmm == hmm)
289 mm->hmm = NULL;
290 spin_unlock(&mm->page_table_lock);
291
292 mmu_notifier_unregister_no_release(&hmm->mmu_notifier, mm);
293 kfree(hmm);
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]294}
295EXPORT_SYMBOL(hmm_mirror_unregister);
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]296
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]297struct hmm_vma_walk {
298 struct hmm_range *range;
299 unsigned long last;
300 bool fault;
301 bool block;
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]302};
303
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]304static int hmm_vma_do_fault(struct mm_walk *walk, unsigned long addr,
305 bool write_fault, uint64_t *pfn)
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]306{
307 unsigned int flags = FAULT_FLAG_ALLOW_RETRY | FAULT_FLAG_REMOTE;
308 struct hmm_vma_walk *hmm_vma_walk = walk->private;
309 struct vm_area_struct *vma = walk->vma;
310 int r;
311
312 flags |= hmm_vma_walk->block ? 0 : FAULT_FLAG_ALLOW_RETRY;
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]313 flags |= write_fault ? FAULT_FLAG_WRITE : 0;
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]314 r = handle_mm_fault(vma, addr, flags);
315 if (r & VM_FAULT_RETRY)
316 return -EBUSY;
317 if (r & VM_FAULT_ERROR) {
318 *pfn = HMM_PFN_ERROR;
319 return -EFAULT;
320 }
321
322 return -EAGAIN;
323}
324
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]325static int hmm_pfns_bad(unsigned long addr,
326 unsigned long end,
327 struct mm_walk *walk)
328{
Jérôme Glissec7195472018-04-10 16:28:27 -0700[diff] [blame]329 struct hmm_vma_walk *hmm_vma_walk = walk->private;
330 struct hmm_range *range = hmm_vma_walk->range;
Jérôme Glisseff05c0c2018-04-10 16:28:38 -0700[diff] [blame]331 uint64_t *pfns = range->pfns;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]332 unsigned long i;
333
334 i = (addr - range->start) >> PAGE_SHIFT;
335 for (; addr < end; addr += PAGE_SIZE, i++)
336 pfns[i] = HMM_PFN_ERROR;
337
338 return 0;
339}
340
Jérôme Glisse5504ed22018-04-10 16:28:46 -0700[diff] [blame]341/*
342 * hmm_vma_walk_hole() - handle a range lacking valid pmd or pte(s)
343 * @start: range virtual start address (inclusive)
344 * @end: range virtual end address (exclusive)
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]345 * @fault: should we fault or not ?
346 * @write_fault: write fault ?
Jérôme Glisse5504ed22018-04-10 16:28:46 -0700[diff] [blame]347 * @walk: mm_walk structure
348 * Returns: 0 on success, -EAGAIN after page fault, or page fault error
349 *
350 * This function will be called whenever pmd_none() or pte_none() returns true,
351 * or whenever there is no page directory covering the virtual address range.
352 */
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]353static int hmm_vma_walk_hole_(unsigned long addr, unsigned long end,
354 bool fault, bool write_fault,
355 struct mm_walk *walk)
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]356{
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]357 struct hmm_vma_walk *hmm_vma_walk = walk->private;
358 struct hmm_range *range = hmm_vma_walk->range;
Jérôme Glisseff05c0c2018-04-10 16:28:38 -0700[diff] [blame]359 uint64_t *pfns = range->pfns;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]360 unsigned long i;
361
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]362 hmm_vma_walk->last = addr;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]363 i = (addr - range->start) >> PAGE_SHIFT;
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]364 for (; addr < end; addr += PAGE_SIZE, i++) {
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]365 pfns[i] = 0;
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]366 if (fault || write_fault) {
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]367 int ret;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]368
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]369 ret = hmm_vma_do_fault(walk, addr, write_fault,
370 &pfns[i]);
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]371 if (ret != -EAGAIN)
372 return ret;
373 }
374 }
375
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]376 return (fault || write_fault) ? -EAGAIN : 0;
377}
378
379static inline void hmm_pte_need_fault(const struct hmm_vma_walk *hmm_vma_walk,
380 uint64_t pfns, uint64_t cpu_flags,
381 bool *fault, bool *write_fault)
382{
383 *fault = *write_fault = false;
384 if (!hmm_vma_walk->fault)
385 return;
386
387 /* We aren't ask to do anything ... */
388 if (!(pfns & HMM_PFN_VALID))
389 return;
390 /* If CPU page table is not valid then we need to fault */
391 *fault = cpu_flags & HMM_PFN_VALID;
392 /* Need to write fault ? */
393 if ((pfns & HMM_PFN_WRITE) && !(cpu_flags & HMM_PFN_WRITE)) {
394 *fault = *write_fault = false;
395 return;
396 }
397 /* Do we fault on device memory ? */
398 if ((pfns & HMM_PFN_DEVICE_PRIVATE) &&
399 (cpu_flags & HMM_PFN_DEVICE_PRIVATE)) {
400 *write_fault = pfns & HMM_PFN_WRITE;
401 *fault = true;
402 }
403}
404
405static void hmm_range_need_fault(const struct hmm_vma_walk *hmm_vma_walk,
406 const uint64_t *pfns, unsigned long npages,
407 uint64_t cpu_flags, bool *fault,
408 bool *write_fault)
409{
410 unsigned long i;
411
412 if (!hmm_vma_walk->fault) {
413 *fault = *write_fault = false;
414 return;
415 }
416
417 for (i = 0; i < npages; ++i) {
418 hmm_pte_need_fault(hmm_vma_walk, pfns[i], cpu_flags,
419 fault, write_fault);
420 if ((*fault) || (*write_fault))
421 return;
422 }
423}
424
425static int hmm_vma_walk_hole(unsigned long addr, unsigned long end,
426 struct mm_walk *walk)
427{
428 struct hmm_vma_walk *hmm_vma_walk = walk->private;
429 struct hmm_range *range = hmm_vma_walk->range;
430 bool fault, write_fault;
431 unsigned long i, npages;
432 uint64_t *pfns;
433
434 i = (addr - range->start) >> PAGE_SHIFT;
435 npages = (end - addr) >> PAGE_SHIFT;
436 pfns = &range->pfns[i];
437 hmm_range_need_fault(hmm_vma_walk, pfns, npages,
438 0, &fault, &write_fault);
439 return hmm_vma_walk_hole_(addr, end, fault, write_fault, walk);
440}
441
442static inline uint64_t pmd_to_hmm_pfn_flags(pmd_t pmd)
443{
444 if (pmd_protnone(pmd))
445 return 0;
446 return pmd_write(pmd) ? HMM_PFN_VALID |
447 HMM_PFN_WRITE :
448 HMM_PFN_VALID;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]449}
450
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]451static int hmm_vma_handle_pmd(struct mm_walk *walk,
452 unsigned long addr,
453 unsigned long end,
454 uint64_t *pfns,
455 pmd_t pmd)
456{
457 struct hmm_vma_walk *hmm_vma_walk = walk->private;
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]458 unsigned long pfn, npages, i;
459 uint64_t flag = 0, cpu_flags;
460 bool fault, write_fault;
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]461
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]462 npages = (end - addr) >> PAGE_SHIFT;
463 cpu_flags = pmd_to_hmm_pfn_flags(pmd);
464 hmm_range_need_fault(hmm_vma_walk, pfns, npages, cpu_flags,
465 &fault, &write_fault);
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]466
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]467 if (pmd_protnone(pmd) || fault || write_fault)
468 return hmm_vma_walk_hole_(addr, end, fault, write_fault, walk);
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]469
470 pfn = pmd_pfn(pmd) + pte_index(addr);
471 flag |= pmd_write(pmd) ? HMM_PFN_WRITE : 0;
472 for (i = 0; addr < end; addr += PAGE_SIZE, i++, pfn++)
473 pfns[i] = hmm_pfn_from_pfn(pfn) | flag;
474 hmm_vma_walk->last = end;
475 return 0;
476}
477
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]478static inline uint64_t pte_to_hmm_pfn_flags(pte_t pte)
479{
480 if (pte_none(pte) || !pte_present(pte))
481 return 0;
482 return pte_write(pte) ? HMM_PFN_VALID |
483 HMM_PFN_WRITE :
484 HMM_PFN_VALID;
485}
486
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]487static int hmm_vma_handle_pte(struct mm_walk *walk, unsigned long addr,
488 unsigned long end, pmd_t *pmdp, pte_t *ptep,
489 uint64_t *pfn)
490{
491 struct hmm_vma_walk *hmm_vma_walk = walk->private;
492 struct vm_area_struct *vma = walk->vma;
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]493 bool fault, write_fault;
494 uint64_t cpu_flags;
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]495 pte_t pte = *ptep;
496
497 *pfn = 0;
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]498 cpu_flags = pte_to_hmm_pfn_flags(pte);
499 hmm_pte_need_fault(hmm_vma_walk, *pfn, cpu_flags,
500 &fault, &write_fault);
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]501
502 if (pte_none(pte)) {
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]503 if (fault || write_fault)
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]504 goto fault;
505 return 0;
506 }
507
508 if (!pte_present(pte)) {
509 swp_entry_t entry = pte_to_swp_entry(pte);
510
511 if (!non_swap_entry(entry)) {
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]512 if (fault || write_fault)
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]513 goto fault;
514 return 0;
515 }
516
517 /*
518 * This is a special swap entry, ignore migration, use
519 * device and report anything else as error.
520 */
521 if (is_device_private_entry(entry)) {
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]522 cpu_flags = HMM_PFN_VALID | HMM_PFN_DEVICE_PRIVATE;
523 cpu_flags |= is_write_device_private_entry(entry) ?
524 HMM_PFN_WRITE : 0;
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]525 *pfn = hmm_pfn_from_pfn(swp_offset(entry));
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]526 *pfn |= HMM_PFN_DEVICE_PRIVATE;
527 return 0;
528 }
529
530 if (is_migration_entry(entry)) {
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]531 if (fault || write_fault) {
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]532 pte_unmap(ptep);
533 hmm_vma_walk->last = addr;
534 migration_entry_wait(vma->vm_mm,
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]535 pmdp, addr);
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]536 return -EAGAIN;
537 }
538 return 0;
539 }
540
541 /* Report error for everything else */
542 *pfn = HMM_PFN_ERROR;
543 return -EFAULT;
544 }
545
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]546 if (fault || write_fault)
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]547 goto fault;
548
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]549 *pfn = hmm_pfn_from_pfn(pte_pfn(pte)) | cpu_flags;
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]550 return 0;
551
552fault:
553 pte_unmap(ptep);
554 /* Fault any virtual address we were asked to fault */
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]555 return hmm_vma_walk_hole_(addr, end, fault, write_fault, walk);
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]556}
557
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]558static int hmm_vma_walk_pmd(pmd_t *pmdp,
559 unsigned long start,
560 unsigned long end,
561 struct mm_walk *walk)
562{
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]563 struct hmm_vma_walk *hmm_vma_walk = walk->private;
564 struct hmm_range *range = hmm_vma_walk->range;
Jérôme Glisseff05c0c2018-04-10 16:28:38 -0700[diff] [blame]565 uint64_t *pfns = range->pfns;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]566 unsigned long addr = start, i;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]567 pte_t *ptep;
568
569 i = (addr - range->start) >> PAGE_SHIFT;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]570
571again:
572 if (pmd_none(*pmdp))
573 return hmm_vma_walk_hole(start, end, walk);
574
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]575 if (pmd_huge(*pmdp) && (range->vma->vm_flags & VM_HUGETLB))
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]576 return hmm_pfns_bad(start, end, walk);
577
578 if (pmd_devmap(*pmdp) || pmd_trans_huge(*pmdp)) {
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]579 pmd_t pmd;
580
581 /*
582 * No need to take pmd_lock here, even if some other threads
583 * is splitting the huge pmd we will get that event through
584 * mmu_notifier callback.
585 *
586 * So just read pmd value and check again its a transparent
587 * huge or device mapping one and compute corresponding pfn
588 * values.
589 */
590 pmd = pmd_read_atomic(pmdp);
591 barrier();
592 if (!pmd_devmap(pmd) && !pmd_trans_huge(pmd))
593 goto again;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]594
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]595 return hmm_vma_handle_pmd(walk, addr, end, &pfns[i], pmd);
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]596 }
597
598 if (pmd_bad(*pmdp))
599 return hmm_pfns_bad(start, end, walk);
600
601 ptep = pte_offset_map(pmdp, addr);
602 for (; addr < end; addr += PAGE_SIZE, ptep++, i++) {
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]603 int r;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]604
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]605 r = hmm_vma_handle_pte(walk, addr, end, pmdp, ptep, &pfns[i]);
606 if (r) {
607 /* hmm_vma_handle_pte() did unmap pte directory */
608 hmm_vma_walk->last = addr;
609 return r;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]610 }
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]611 }
612 pte_unmap(ptep - 1);
613
Jérôme Glisse53f5c3f2018-04-10 16:28:59 -0700[diff] [blame]614 hmm_vma_walk->last = addr;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]615 return 0;
616}
617
Jérôme Glisse33cd47d2018-04-10 16:28:54 -0700[diff] [blame]618static void hmm_pfns_clear(uint64_t *pfns,
619 unsigned long addr,
620 unsigned long end)
621{
622 for (; addr < end; addr += PAGE_SIZE, pfns++)
623 *pfns = 0;
624}
625
Jérôme Glisse855ce7d2018-04-10 16:28:42 -0700[diff] [blame]626static void hmm_pfns_special(struct hmm_range *range)
627{
628 unsigned long addr = range->start, i = 0;
629
630 for (; addr < range->end; addr += PAGE_SIZE, i++)
631 range->pfns[i] = HMM_PFN_SPECIAL;
632}
633
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]634/*
635 * hmm_vma_get_pfns() - snapshot CPU page table for a range of virtual addresses
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]636 * @range: range being snapshotted
Jérôme Glisse86586a42018-04-10 16:28:34 -0700[diff] [blame]637 * Returns: -EINVAL if invalid argument, -ENOMEM out of memory, -EPERM invalid
638 * vma permission, 0 success
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]639 *
640 * This snapshots the CPU page table for a range of virtual addresses. Snapshot
641 * validity is tracked by range struct. See hmm_vma_range_done() for further
642 * information.
643 *
644 * The range struct is initialized here. It tracks the CPU page table, but only
645 * if the function returns success (0), in which case the caller must then call
646 * hmm_vma_range_done() to stop CPU page table update tracking on this range.
647 *
648 * NOT CALLING hmm_vma_range_done() IF FUNCTION RETURNS 0 WILL LEAD TO SERIOUS
649 * MEMORY CORRUPTION ! YOU HAVE BEEN WARNED !
650 */
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]651int hmm_vma_get_pfns(struct hmm_range *range)
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]652{
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]653 struct vm_area_struct *vma = range->vma;
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]654 struct hmm_vma_walk hmm_vma_walk;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]655 struct mm_walk mm_walk;
656 struct hmm *hmm;
657
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]658 /* Sanity check, this really should not happen ! */
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]659 if (range->start < vma->vm_start || range->start >= vma->vm_end)
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]660 return -EINVAL;
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]661 if (range->end < vma->vm_start || range->end > vma->vm_end)
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]662 return -EINVAL;
663
664 hmm = hmm_register(vma->vm_mm);
665 if (!hmm)
666 return -ENOMEM;
667 /* Caller must have registered a mirror, via hmm_mirror_register() ! */
668 if (!hmm->mmu_notifier.ops)
669 return -EINVAL;
670
Jérôme Glisse855ce7d2018-04-10 16:28:42 -0700[diff] [blame]671 /* FIXME support hugetlb fs */
672 if (is_vm_hugetlb_page(vma) || (vma->vm_flags & VM_SPECIAL)) {
673 hmm_pfns_special(range);
674 return -EINVAL;
675 }
676
Jérôme Glisse86586a42018-04-10 16:28:34 -0700[diff] [blame]677 if (!(vma->vm_flags & VM_READ)) {
678 /*
679 * If vma do not allow read access, then assume that it does
680 * not allow write access, either. Architecture that allow
681 * write without read access are not supported by HMM, because
682 * operations such has atomic access would not work.
683 */
684 hmm_pfns_clear(range->pfns, range->start, range->end);
685 return -EPERM;
686 }
687
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]688 /* Initialize range to track CPU page table update */
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]689 spin_lock(&hmm->lock);
690 range->valid = true;
691 list_add_rcu(&range->list, &hmm->ranges);
692 spin_unlock(&hmm->lock);
693
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]694 hmm_vma_walk.fault = false;
695 hmm_vma_walk.range = range;
696 mm_walk.private = &hmm_vma_walk;
697
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]698 mm_walk.vma = vma;
699 mm_walk.mm = vma->vm_mm;
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]700 mm_walk.pte_entry = NULL;
701 mm_walk.test_walk = NULL;
702 mm_walk.hugetlb_entry = NULL;
703 mm_walk.pmd_entry = hmm_vma_walk_pmd;
704 mm_walk.pte_hole = hmm_vma_walk_hole;
705
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]706 walk_page_range(range->start, range->end, &mm_walk);
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]707 return 0;
708}
709EXPORT_SYMBOL(hmm_vma_get_pfns);
710
711/*
712 * hmm_vma_range_done() - stop tracking change to CPU page table over a range
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]713 * @range: range being tracked
714 * Returns: false if range data has been invalidated, true otherwise
715 *
716 * Range struct is used to track updates to the CPU page table after a call to
717 * either hmm_vma_get_pfns() or hmm_vma_fault(). Once the device driver is done
718 * using the data, or wants to lock updates to the data it got from those
719 * functions, it must call the hmm_vma_range_done() function, which will then
720 * stop tracking CPU page table updates.
721 *
722 * Note that device driver must still implement general CPU page table update
723 * tracking either by using hmm_mirror (see hmm_mirror_register()) or by using
724 * the mmu_notifier API directly.
725 *
726 * CPU page table update tracking done through hmm_range is only temporary and
727 * to be used while trying to duplicate CPU page table contents for a range of
728 * virtual addresses.
729 *
730 * There are two ways to use this :
731 * again:
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]732 * hmm_vma_get_pfns(range); or hmm_vma_fault(...);
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]733 * trans = device_build_page_table_update_transaction(pfns);
734 * device_page_table_lock();
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]735 * if (!hmm_vma_range_done(range)) {
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]736 * device_page_table_unlock();
737 * goto again;
738 * }
739 * device_commit_transaction(trans);
740 * device_page_table_unlock();
741 *
742 * Or:
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]743 * hmm_vma_get_pfns(range); or hmm_vma_fault(...);
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]744 * device_page_table_lock();
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]745 * hmm_vma_range_done(range);
746 * device_update_page_table(range->pfns);
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]747 * device_page_table_unlock();
748 */
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]749bool hmm_vma_range_done(struct hmm_range *range)
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]750{
751 unsigned long npages = (range->end - range->start) >> PAGE_SHIFT;
752 struct hmm *hmm;
753
754 if (range->end <= range->start) {
755 BUG();
756 return false;
757 }
758
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]759 hmm = hmm_register(range->vma->vm_mm);
Jérôme Glisseda4c3c72017-09-08 16:11:31 -0700[diff] [blame]760 if (!hmm) {
761 memset(range->pfns, 0, sizeof(*range->pfns) * npages);
762 return false;
763 }
764
765 spin_lock(&hmm->lock);
766 list_del_rcu(&range->list);
767 spin_unlock(&hmm->lock);
768
769 return range->valid;
770}
771EXPORT_SYMBOL(hmm_vma_range_done);
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]772
773/*
774 * hmm_vma_fault() - try to fault some address in a virtual address range
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]775 * @range: range being faulted
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]776 * @block: allow blocking on fault (if true it sleeps and do not drop mmap_sem)
777 * Returns: 0 success, error otherwise (-EAGAIN means mmap_sem have been drop)
778 *
779 * This is similar to a regular CPU page fault except that it will not trigger
780 * any memory migration if the memory being faulted is not accessible by CPUs.
781 *
Jérôme Glisseff05c0c2018-04-10 16:28:38 -0700[diff] [blame]782 * On error, for one virtual address in the range, the function will mark the
783 * corresponding HMM pfn entry with an error flag.
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]784 *
785 * Expected use pattern:
786 * retry:
787 * down_read(&mm->mmap_sem);
788 * // Find vma and address device wants to fault, initialize hmm_pfn_t
789 * // array accordingly
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]790 * ret = hmm_vma_fault(range, write, block);
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]791 * switch (ret) {
792 * case -EAGAIN:
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]793 * hmm_vma_range_done(range);
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]794 * // You might want to rate limit or yield to play nicely, you may
795 * // also commit any valid pfn in the array assuming that you are
796 * // getting true from hmm_vma_range_monitor_end()
797 * goto retry;
798 * case 0:
799 * break;
Jérôme Glisse86586a42018-04-10 16:28:34 -0700[diff] [blame]800 * case -ENOMEM:
801 * case -EINVAL:
802 * case -EPERM:
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]803 * default:
804 * // Handle error !
805 * up_read(&mm->mmap_sem)
806 * return;
807 * }
808 * // Take device driver lock that serialize device page table update
809 * driver_lock_device_page_table_update();
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]810 * hmm_vma_range_done(range);
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]811 * // Commit pfns we got from hmm_vma_fault()
812 * driver_unlock_device_page_table_update();
813 * up_read(&mm->mmap_sem)
814 *
815 * YOU MUST CALL hmm_vma_range_done() AFTER THIS FUNCTION RETURN SUCCESS (0)
816 * BEFORE FREEING THE range struct OR YOU WILL HAVE SERIOUS MEMORY CORRUPTION !
817 *
818 * YOU HAVE BEEN WARNED !
819 */
Jérôme Glisse2aee09d2018-04-10 16:29:02 -0700[diff] [blame^]820int hmm_vma_fault(struct hmm_range *range, bool block)
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]821{
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]822 struct vm_area_struct *vma = range->vma;
823 unsigned long start = range->start;
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]824 struct hmm_vma_walk hmm_vma_walk;
825 struct mm_walk mm_walk;
826 struct hmm *hmm;
827 int ret;
828
829 /* Sanity check, this really should not happen ! */
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]830 if (range->start < vma->vm_start || range->start >= vma->vm_end)
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]831 return -EINVAL;
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]832 if (range->end < vma->vm_start || range->end > vma->vm_end)
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]833 return -EINVAL;
834
835 hmm = hmm_register(vma->vm_mm);
836 if (!hmm) {
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]837 hmm_pfns_clear(range->pfns, range->start, range->end);
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]838 return -ENOMEM;
839 }
840 /* Caller must have registered a mirror using hmm_mirror_register() */
841 if (!hmm->mmu_notifier.ops)
842 return -EINVAL;
843
Jérôme Glisse855ce7d2018-04-10 16:28:42 -0700[diff] [blame]844 /* FIXME support hugetlb fs */
845 if (is_vm_hugetlb_page(vma) || (vma->vm_flags & VM_SPECIAL)) {
846 hmm_pfns_special(range);
847 return -EINVAL;
848 }
849
Jérôme Glisse86586a42018-04-10 16:28:34 -0700[diff] [blame]850 if (!(vma->vm_flags & VM_READ)) {
851 /*
852 * If vma do not allow read access, then assume that it does
853 * not allow write access, either. Architecture that allow
854 * write without read access are not supported by HMM, because
855 * operations such has atomic access would not work.
856 */
857 hmm_pfns_clear(range->pfns, range->start, range->end);
858 return -EPERM;
859 }
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]860
Jérôme Glisse86586a42018-04-10 16:28:34 -0700[diff] [blame]861 /* Initialize range to track CPU page table update */
862 spin_lock(&hmm->lock);
863 range->valid = true;
864 list_add_rcu(&range->list, &hmm->ranges);
865 spin_unlock(&hmm->lock);
866
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]867 hmm_vma_walk.fault = true;
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]868 hmm_vma_walk.block = block;
869 hmm_vma_walk.range = range;
870 mm_walk.private = &hmm_vma_walk;
871 hmm_vma_walk.last = range->start;
872
873 mm_walk.vma = vma;
874 mm_walk.mm = vma->vm_mm;
875 mm_walk.pte_entry = NULL;
876 mm_walk.test_walk = NULL;
877 mm_walk.hugetlb_entry = NULL;
878 mm_walk.pmd_entry = hmm_vma_walk_pmd;
879 mm_walk.pte_hole = hmm_vma_walk_hole;
880
881 do {
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]882 ret = walk_page_range(start, range->end, &mm_walk);
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]883 start = hmm_vma_walk.last;
884 } while (ret == -EAGAIN);
885
886 if (ret) {
887 unsigned long i;
888
889 i = (hmm_vma_walk.last - range->start) >> PAGE_SHIFT;
Jérôme Glisse08232a42018-04-10 16:28:30 -0700[diff] [blame]890 hmm_pfns_clear(&range->pfns[i], hmm_vma_walk.last, range->end);
891 hmm_vma_range_done(range);
Jérôme Glisse74eee182017-09-08 16:11:35 -0700[diff] [blame]892 }
893 return ret;
894}
895EXPORT_SYMBOL(hmm_vma_fault);
Jérôme Glissec0b12402017-09-08 16:11:27 -0700[diff] [blame]896#endif /* IS_ENABLED(CONFIG_HMM_MIRROR) */
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]897
898
Jérôme Glissedf6ad692017-09-08 16:12:24 -0700[diff] [blame]899#if IS_ENABLED(CONFIG_DEVICE_PRIVATE) || IS_ENABLED(CONFIG_DEVICE_PUBLIC)
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]900struct page *hmm_vma_alloc_locked_page(struct vm_area_struct *vma,
901 unsigned long addr)
902{
903 struct page *page;
904
905 page = alloc_page_vma(GFP_HIGHUSER, vma, addr);
906 if (!page)
907 return NULL;
908 lock_page(page);
909 return page;
910}
911EXPORT_SYMBOL(hmm_vma_alloc_locked_page);
912
913
914static void hmm_devmem_ref_release(struct percpu_ref *ref)
915{
916 struct hmm_devmem *devmem;
917
918 devmem = container_of(ref, struct hmm_devmem, ref);
919 complete(&devmem->completion);
920}
921
922static void hmm_devmem_ref_exit(void *data)
923{
924 struct percpu_ref *ref = data;
925 struct hmm_devmem *devmem;
926
927 devmem = container_of(ref, struct hmm_devmem, ref);
928 percpu_ref_exit(ref);
929 devm_remove_action(devmem->device, &hmm_devmem_ref_exit, data);
930}
931
932static void hmm_devmem_ref_kill(void *data)
933{
934 struct percpu_ref *ref = data;
935 struct hmm_devmem *devmem;
936
937 devmem = container_of(ref, struct hmm_devmem, ref);
938 percpu_ref_kill(ref);
939 wait_for_completion(&devmem->completion);
940 devm_remove_action(devmem->device, &hmm_devmem_ref_kill, data);
941}
942
943static int hmm_devmem_fault(struct vm_area_struct *vma,
944 unsigned long addr,
945 const struct page *page,
946 unsigned int flags,
947 pmd_t *pmdp)
948{
949 struct hmm_devmem *devmem = page->pgmap->data;
950
951 return devmem->ops->fault(devmem, vma, addr, page, flags, pmdp);
952}
953
954static void hmm_devmem_free(struct page *page, void *data)
955{
956 struct hmm_devmem *devmem = data;
957
958 devmem->ops->free(devmem, page);
959}
960
961static DEFINE_MUTEX(hmm_devmem_lock);
962static RADIX_TREE(hmm_devmem_radix, GFP_KERNEL);
963
964static void hmm_devmem_radix_release(struct resource *resource)
965{
Colin Ian Kingfec11bc2017-11-15 17:38:52 -0800[diff] [blame]966 resource_size_t key, align_start, align_size;
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]967
968 align_start = resource->start & ~(PA_SECTION_SIZE - 1);
969 align_size = ALIGN(resource_size(resource), PA_SECTION_SIZE);
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]970
971 mutex_lock(&hmm_devmem_lock);
972 for (key = resource->start;
973 key <= resource->end;
974 key += PA_SECTION_SIZE)
975 radix_tree_delete(&hmm_devmem_radix, key >> PA_SECTION_SHIFT);
976 mutex_unlock(&hmm_devmem_lock);
977}
978
979static void hmm_devmem_release(struct device *dev, void *data)
980{
981 struct hmm_devmem *devmem = data;
982 struct resource *resource = devmem->resource;
983 unsigned long start_pfn, npages;
984 struct zone *zone;
985 struct page *page;
986
987 if (percpu_ref_tryget_live(&devmem->ref)) {
988 dev_WARN(dev, "%s: page mapping is still live!\n", __func__);
989 percpu_ref_put(&devmem->ref);
990 }
991
992 /* pages are dead and unused, undo the arch mapping */
993 start_pfn = (resource->start & ~(PA_SECTION_SIZE - 1)) >> PAGE_SHIFT;
994 npages = ALIGN(resource_size(resource), PA_SECTION_SIZE) >> PAGE_SHIFT;
995
996 page = pfn_to_page(start_pfn);
997 zone = page_zone(page);
998
999 mem_hotplug_begin();
Jérôme Glissed3df0a42017-09-08 16:12:28 -0700[diff] [blame]1000 if (resource->desc == IORES_DESC_DEVICE_PRIVATE_MEMORY)
Christoph Hellwigda024512017-12-29 08:53:55 +0100[diff] [blame]1001 __remove_pages(zone, start_pfn, npages, NULL);
Jérôme Glissed3df0a42017-09-08 16:12:28 -0700[diff] [blame]1002 else
1003 arch_remove_memory(start_pfn << PAGE_SHIFT,
Christoph Hellwigda024512017-12-29 08:53:55 +0100[diff] [blame]1004 npages << PAGE_SHIFT, NULL);
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]1005 mem_hotplug_done();
1006
1007 hmm_devmem_radix_release(resource);
1008}
1009
1010static struct hmm_devmem *hmm_devmem_find(resource_size_t phys)
1011{
1012 WARN_ON_ONCE(!rcu_read_lock_held());
1013
1014 return radix_tree_lookup(&hmm_devmem_radix, phys >> PA_SECTION_SHIFT);
1015}
1016
1017static int hmm_devmem_pages_create(struct hmm_devmem *devmem)
1018{
1019 resource_size_t key, align_start, align_size, align_end;
1020 struct device *device = devmem->device;
1021 int ret, nid, is_ram;
1022 unsigned long pfn;
1023
1024 align_start = devmem->resource->start & ~(PA_SECTION_SIZE - 1);
1025 align_size = ALIGN(devmem->resource->start +
1026 resource_size(devmem->resource),
1027 PA_SECTION_SIZE) - align_start;
1028
1029 is_ram = region_intersects(align_start, align_size,
1030 IORESOURCE_SYSTEM_RAM,
1031 IORES_DESC_NONE);
1032 if (is_ram == REGION_MIXED) {
1033 WARN_ONCE(1, "%s attempted on mixed region %pr\n",
1034 __func__, devmem->resource);
1035 return -ENXIO;
1036 }
1037 if (is_ram == REGION_INTERSECTS)
1038 return -ENXIO;
1039
Jérôme Glissed3df0a42017-09-08 16:12:28 -0700[diff] [blame]1040 if (devmem->resource->desc == IORES_DESC_DEVICE_PUBLIC_MEMORY)
1041 devmem->pagemap.type = MEMORY_DEVICE_PUBLIC;
1042 else
1043 devmem->pagemap.type = MEMORY_DEVICE_PRIVATE;
1044
Logan Gunthorpee7744aa2017-12-29 08:54:04 +0100[diff] [blame]1045 devmem->pagemap.res = *devmem->resource;
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]1046 devmem->pagemap.page_fault = hmm_devmem_fault;
1047 devmem->pagemap.page_free = hmm_devmem_free;
1048 devmem->pagemap.dev = devmem->device;
1049 devmem->pagemap.ref = &devmem->ref;
1050 devmem->pagemap.data = devmem;
1051
1052 mutex_lock(&hmm_devmem_lock);
1053 align_end = align_start + align_size - 1;
1054 for (key = align_start; key <= align_end; key += PA_SECTION_SIZE) {
1055 struct hmm_devmem *dup;
1056
1057 rcu_read_lock();
1058 dup = hmm_devmem_find(key);
1059 rcu_read_unlock();
1060 if (dup) {
1061 dev_err(device, "%s: collides with mapping for %s\n",
1062 __func__, dev_name(dup->device));
1063 mutex_unlock(&hmm_devmem_lock);
1064 ret = -EBUSY;
1065 goto error;
1066 }
1067 ret = radix_tree_insert(&hmm_devmem_radix,
1068 key >> PA_SECTION_SHIFT,
1069 devmem);
1070 if (ret) {
1071 dev_err(device, "%s: failed: %d\n", __func__, ret);
1072 mutex_unlock(&hmm_devmem_lock);
1073 goto error_radix;
1074 }
1075 }
1076 mutex_unlock(&hmm_devmem_lock);
1077
1078 nid = dev_to_node(device);
1079 if (nid < 0)
1080 nid = numa_mem_id();
1081
1082 mem_hotplug_begin();
1083 /*
1084 * For device private memory we call add_pages() as we only need to
1085 * allocate and initialize struct page for the device memory. More-
1086 * over the device memory is un-accessible thus we do not want to
1087 * create a linear mapping for the memory like arch_add_memory()
1088 * would do.
Jérôme Glissed3df0a42017-09-08 16:12:28 -0700[diff] [blame]1089 *
1090 * For device public memory, which is accesible by the CPU, we do
1091 * want the linear mapping and thus use arch_add_memory().
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]1092 */
Jérôme Glissed3df0a42017-09-08 16:12:28 -0700[diff] [blame]1093 if (devmem->pagemap.type == MEMORY_DEVICE_PUBLIC)
Christoph Hellwig24e6d5a2017-12-29 08:53:53 +0100[diff] [blame]1094 ret = arch_add_memory(nid, align_start, align_size, NULL,
1095 false);
Jérôme Glissed3df0a42017-09-08 16:12:28 -0700[diff] [blame]1096 else
1097 ret = add_pages(nid, align_start >> PAGE_SHIFT,
Christoph Hellwig24e6d5a2017-12-29 08:53:53 +0100[diff] [blame]1098 align_size >> PAGE_SHIFT, NULL, false);
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]1099 if (ret) {
1100 mem_hotplug_done();
1101 goto error_add_memory;
1102 }
1103 move_pfn_range_to_zone(&NODE_DATA(nid)->node_zones[ZONE_DEVICE],
1104 align_start >> PAGE_SHIFT,
Christoph Hellwiga99583e2017-12-29 08:53:57 +0100[diff] [blame]1105 align_size >> PAGE_SHIFT, NULL);
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]1106 mem_hotplug_done();
1107
1108 for (pfn = devmem->pfn_first; pfn < devmem->pfn_last; pfn++) {
1109 struct page *page = pfn_to_page(pfn);
1110
1111 page->pgmap = &devmem->pagemap;
1112 }
1113 return 0;
1114
1115error_add_memory:
1116 untrack_pfn(NULL, PHYS_PFN(align_start), align_size);
1117error_radix:
1118 hmm_devmem_radix_release(devmem->resource);
1119error:
1120 return ret;
1121}
1122
1123static int hmm_devmem_match(struct device *dev, void *data, void *match_data)
1124{
1125 struct hmm_devmem *devmem = data;
1126
1127 return devmem->resource == match_data;
1128}
1129
1130static void hmm_devmem_pages_remove(struct hmm_devmem *devmem)
1131{
1132 devres_release(devmem->device, &hmm_devmem_release,
1133 &hmm_devmem_match, devmem->resource);
1134}
1135
1136/*
1137 * hmm_devmem_add() - hotplug ZONE_DEVICE memory for device memory
1138 *
1139 * @ops: memory event device driver callback (see struct hmm_devmem_ops)
1140 * @device: device struct to bind the resource too
1141 * @size: size in bytes of the device memory to add
1142 * Returns: pointer to new hmm_devmem struct ERR_PTR otherwise
1143 *
1144 * This function first finds an empty range of physical address big enough to
1145 * contain the new resource, and then hotplugs it as ZONE_DEVICE memory, which
1146 * in turn allocates struct pages. It does not do anything beyond that; all
1147 * events affecting the memory will go through the various callbacks provided
1148 * by hmm_devmem_ops struct.
1149 *
1150 * Device driver should call this function during device initialization and
1151 * is then responsible of memory management. HMM only provides helpers.
1152 */
1153struct hmm_devmem *hmm_devmem_add(const struct hmm_devmem_ops *ops,
1154 struct device *device,
1155 unsigned long size)
1156{
1157 struct hmm_devmem *devmem;
1158 resource_size_t addr;
1159 int ret;
1160
1161 static_branch_enable(&device_private_key);
1162
1163 devmem = devres_alloc_node(&hmm_devmem_release, sizeof(*devmem),
1164 GFP_KERNEL, dev_to_node(device));
1165 if (!devmem)
1166 return ERR_PTR(-ENOMEM);
1167
1168 init_completion(&devmem->completion);
1169 devmem->pfn_first = -1UL;
1170 devmem->pfn_last = -1UL;
1171 devmem->resource = NULL;
1172 devmem->device = device;
1173 devmem->ops = ops;
1174
1175 ret = percpu_ref_init(&devmem->ref, &hmm_devmem_ref_release,
1176 0, GFP_KERNEL);
1177 if (ret)
1178 goto error_percpu_ref;
1179
1180 ret = devm_add_action(device, hmm_devmem_ref_exit, &devmem->ref);
1181 if (ret)
1182 goto error_devm_add_action;
1183
1184 size = ALIGN(size, PA_SECTION_SIZE);
1185 addr = min((unsigned long)iomem_resource.end,
1186 (1UL << MAX_PHYSMEM_BITS) - 1);
1187 addr = addr - size + 1UL;
1188
1189 /*
1190 * FIXME add a new helper to quickly walk resource tree and find free
1191 * range
1192 *
1193 * FIXME what about ioport_resource resource ?
1194 */
1195 for (; addr > size && addr >= iomem_resource.start; addr -= size) {
1196 ret = region_intersects(addr, size, 0, IORES_DESC_NONE);
1197 if (ret != REGION_DISJOINT)
1198 continue;
1199
1200 devmem->resource = devm_request_mem_region(device, addr, size,
1201 dev_name(device));
1202 if (!devmem->resource) {
1203 ret = -ENOMEM;
1204 goto error_no_resource;
1205 }
1206 break;
1207 }
1208 if (!devmem->resource) {
1209 ret = -ERANGE;
1210 goto error_no_resource;
1211 }
1212
1213 devmem->resource->desc = IORES_DESC_DEVICE_PRIVATE_MEMORY;
1214 devmem->pfn_first = devmem->resource->start >> PAGE_SHIFT;
1215 devmem->pfn_last = devmem->pfn_first +
1216 (resource_size(devmem->resource) >> PAGE_SHIFT);
1217
1218 ret = hmm_devmem_pages_create(devmem);
1219 if (ret)
1220 goto error_pages;
1221
1222 devres_add(device, devmem);
1223
1224 ret = devm_add_action(device, hmm_devmem_ref_kill, &devmem->ref);
1225 if (ret) {
1226 hmm_devmem_remove(devmem);
1227 return ERR_PTR(ret);
1228 }
1229
1230 return devmem;
1231
1232error_pages:
1233 devm_release_mem_region(device, devmem->resource->start,
1234 resource_size(devmem->resource));
1235error_no_resource:
1236error_devm_add_action:
1237 hmm_devmem_ref_kill(&devmem->ref);
1238 hmm_devmem_ref_exit(&devmem->ref);
1239error_percpu_ref:
1240 devres_free(devmem);
1241 return ERR_PTR(ret);
1242}
1243EXPORT_SYMBOL(hmm_devmem_add);
1244
Jérôme Glissed3df0a42017-09-08 16:12:28 -0700[diff] [blame]1245struct hmm_devmem *hmm_devmem_add_resource(const struct hmm_devmem_ops *ops,
1246 struct device *device,
1247 struct resource *res)
1248{
1249 struct hmm_devmem *devmem;
1250 int ret;
1251
1252 if (res->desc != IORES_DESC_DEVICE_PUBLIC_MEMORY)
1253 return ERR_PTR(-EINVAL);
1254
1255 static_branch_enable(&device_private_key);
1256
1257 devmem = devres_alloc_node(&hmm_devmem_release, sizeof(*devmem),
1258 GFP_KERNEL, dev_to_node(device));
1259 if (!devmem)
1260 return ERR_PTR(-ENOMEM);
1261
1262 init_completion(&devmem->completion);
1263 devmem->pfn_first = -1UL;
1264 devmem->pfn_last = -1UL;
1265 devmem->resource = res;
1266 devmem->device = device;
1267 devmem->ops = ops;
1268
1269 ret = percpu_ref_init(&devmem->ref, &hmm_devmem_ref_release,
1270 0, GFP_KERNEL);
1271 if (ret)
1272 goto error_percpu_ref;
1273
1274 ret = devm_add_action(device, hmm_devmem_ref_exit, &devmem->ref);
1275 if (ret)
1276 goto error_devm_add_action;
1277
1278
1279 devmem->pfn_first = devmem->resource->start >> PAGE_SHIFT;
1280 devmem->pfn_last = devmem->pfn_first +
1281 (resource_size(devmem->resource) >> PAGE_SHIFT);
1282
1283 ret = hmm_devmem_pages_create(devmem);
1284 if (ret)
1285 goto error_devm_add_action;
1286
1287 devres_add(device, devmem);
1288
1289 ret = devm_add_action(device, hmm_devmem_ref_kill, &devmem->ref);
1290 if (ret) {
1291 hmm_devmem_remove(devmem);
1292 return ERR_PTR(ret);
1293 }
1294
1295 return devmem;
1296
1297error_devm_add_action:
1298 hmm_devmem_ref_kill(&devmem->ref);
1299 hmm_devmem_ref_exit(&devmem->ref);
1300error_percpu_ref:
1301 devres_free(devmem);
1302 return ERR_PTR(ret);
1303}
1304EXPORT_SYMBOL(hmm_devmem_add_resource);
1305
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]1306/*
1307 * hmm_devmem_remove() - remove device memory (kill and free ZONE_DEVICE)
1308 *
1309 * @devmem: hmm_devmem struct use to track and manage the ZONE_DEVICE memory
1310 *
1311 * This will hot-unplug memory that was hotplugged by hmm_devmem_add on behalf
1312 * of the device driver. It will free struct page and remove the resource that
1313 * reserved the physical address range for this device memory.
1314 */
1315void hmm_devmem_remove(struct hmm_devmem *devmem)
1316{
1317 resource_size_t start, size;
1318 struct device *device;
Jérôme Glissed3df0a42017-09-08 16:12:28 -0700[diff] [blame]1319 bool cdm = false;
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]1320
1321 if (!devmem)
1322 return;
1323
1324 device = devmem->device;
1325 start = devmem->resource->start;
1326 size = resource_size(devmem->resource);
1327
Jérôme Glissed3df0a42017-09-08 16:12:28 -0700[diff] [blame]1328 cdm = devmem->resource->desc == IORES_DESC_DEVICE_PUBLIC_MEMORY;
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]1329 hmm_devmem_ref_kill(&devmem->ref);
1330 hmm_devmem_ref_exit(&devmem->ref);
1331 hmm_devmem_pages_remove(devmem);
1332
Jérôme Glissed3df0a42017-09-08 16:12:28 -0700[diff] [blame]1333 if (!cdm)
1334 devm_release_mem_region(device, start, size);
Jérôme Glisse4ef589d2017-09-08 16:11:58 -0700[diff] [blame]1335}
1336EXPORT_SYMBOL(hmm_devmem_remove);
Jérôme Glisse858b54d2017-09-08 16:12:02 -0700[diff] [blame]1337
1338/*
1339 * A device driver that wants to handle multiple devices memory through a
1340 * single fake device can use hmm_device to do so. This is purely a helper
1341 * and it is not needed to make use of any HMM functionality.
1342 */
1343#define HMM_DEVICE_MAX 256
1344
1345static DECLARE_BITMAP(hmm_device_mask, HMM_DEVICE_MAX);
1346static DEFINE_SPINLOCK(hmm_device_lock);
1347static struct class *hmm_device_class;
1348static dev_t hmm_device_devt;
1349
1350static void hmm_device_release(struct device *device)
1351{
1352 struct hmm_device *hmm_device;
1353
1354 hmm_device = container_of(device, struct hmm_device, device);
1355 spin_lock(&hmm_device_lock);
1356 clear_bit(hmm_device->minor, hmm_device_mask);
1357 spin_unlock(&hmm_device_lock);
1358
1359 kfree(hmm_device);
1360}
1361
1362struct hmm_device *hmm_device_new(void *drvdata)
1363{
1364 struct hmm_device *hmm_device;
1365
1366 hmm_device = kzalloc(sizeof(*hmm_device), GFP_KERNEL);
1367 if (!hmm_device)
1368 return ERR_PTR(-ENOMEM);
1369
1370 spin_lock(&hmm_device_lock);
1371 hmm_device->minor = find_first_zero_bit(hmm_device_mask, HMM_DEVICE_MAX);
1372 if (hmm_device->minor >= HMM_DEVICE_MAX) {
1373 spin_unlock(&hmm_device_lock);
1374 kfree(hmm_device);
1375 return ERR_PTR(-EBUSY);
1376 }
1377 set_bit(hmm_device->minor, hmm_device_mask);
1378 spin_unlock(&hmm_device_lock);
1379
1380 dev_set_name(&hmm_device->device, "hmm_device%d", hmm_device->minor);
1381 hmm_device->device.devt = MKDEV(MAJOR(hmm_device_devt),
1382 hmm_device->minor);
1383 hmm_device->device.release = hmm_device_release;
1384 dev_set_drvdata(&hmm_device->device, drvdata);
1385 hmm_device->device.class = hmm_device_class;
1386 device_initialize(&hmm_device->device);
1387
1388 return hmm_device;
1389}
1390EXPORT_SYMBOL(hmm_device_new);
1391
1392void hmm_device_put(struct hmm_device *hmm_device)
1393{
1394 put_device(&hmm_device->device);
1395}
1396EXPORT_SYMBOL(hmm_device_put);
1397
1398static int __init hmm_init(void)
1399{
1400 int ret;
1401
1402 ret = alloc_chrdev_region(&hmm_device_devt, 0,
1403 HMM_DEVICE_MAX,
1404 "hmm_device");
1405 if (ret)
1406 return ret;
1407
1408 hmm_device_class = class_create(THIS_MODULE, "hmm_device");
1409 if (IS_ERR(hmm_device_class)) {
1410 unregister_chrdev_region(hmm_device_devt, HMM_DEVICE_MAX);
1411 return PTR_ERR(hmm_device_class);
1412 }
1413 return 0;
1414}
1415
1416device_initcall(hmm_init);
Jérôme Glissedf6ad692017-09-08 16:12:24 -0700[diff] [blame]1417#endif /* CONFIG_DEVICE_PRIVATE || CONFIG_DEVICE_PUBLIC */